from the a-bit-of-a-slippery-slope dept

Almost exactly a decade ago (man, time flies...), we first discussed the question of whether or not it should be against the law to get hacked. The FTC had gone after Tower Records (remember them?) for its weak data security practices. That resulted in a series of questions about where the liability should fall. Many people, quite reasonably, say that there should be incentives for companies to better manage data security and (especially) to protect their users. But, it's also true that sooner or later, if you're a target, you're going to get hacked. Ten years later and this is still an issue. The FTC went after Wyndham hotels for its egregiously bad data security (which made it easy for hackers to get hotel guests' information, including credit cards), but Wyndham fought back, saying the FTC had no authority over such matters, especially without having first issued specific rules.

Again, Wyndham's security here was egregiously bad. It didn't encrypt payment data, and also used default logins and passwords for its systems. So there's an argument here that some kind of line can be drawn between purely negligent behavior, such as Wyndham's (lack of) data security, and companies who actually do follow some rather basic security practices, and yet still fall prey to hacks. What makes things tricky is that pretty large gray area in between the two extremes.

from the urls-we-dig-up dept

Every so often, there are intriguing stories of a man who speaks multiple languages, waking up with complete memory loss, and carrying no paperwork or identification on them. Sometimes these men are well-dressed when they're found. Sometimes they've been mugged or beaten, but not always. Doctors can't tell if these men are faking amnesia. Police can't figure out identities from fingerprints if they have no criminal records. Here are just a few examples of these mysterious men called John Doe.

from the cinderella-story dept

It's the time of year, when victories are had or not, dreams are realized or dashed along the playing surface, and champions are either born or unseated. Being from Chicago, I've been through this before. I've seen my heroes fall and experienced the heartbreak of having victory snatched from my guys in heartbreaking fashion. Still, even with that experience, it never gets easier.

Which is why we should all be standing up and doing a slow-clap for Electronic Arts, whose "Worst Company" championship string has finally come to an end. And it's all thanks to Comcast, who narrowly defeated cartoonishly evil megacorporation Monsanto in the final showdown. The road to not-glory, however, was not without its controversy.

Comcast’s road to the Poo started out without a speedbump, as the company powered through the first three rounds without ever giving up more than 30% of the vote. And with two-time reigning champ EA eliminated in Round One by Comcast’s merger partner Time Warner Cable, followed by three-time consecutive runner-up Bank of America’s surprise defeat at the hands of Walmart, Comcast seemed destined for the Final Death Match.

But the nation’s largest cable and Internet provider (which is trying to become even larger), almost got stopped in its track by first-time contender SeaWorld, riding high on waves of negative publicity tied to the documentary Blackfish. Comcast pulled off a buzzer-beater to hold off SeaWorld and earn its place in the Final Death Match. From the onset of the day-long bout, lawsuit-lovin’, herbicide-makin’ Monsanto was within striking distance of the Philly Kid, but Comcast gained a hair-thin edge early on and never ceded the lead.

It's been a good run for EA these past two years, in which they deftly ran the treat-customers-like-criminals offense and the delete-yo-crap defense. That kind of strategy led to their distinction for being the only two-time winning and repeat "Worst Company" champion. But if Michael Jordan retired (multiple times), Muhammed Ali fell, and the Lakers turned into whatever you call whatever they are now, then it was only a matter of time before a new, more youthfully horrible champion arose to unseat EA. And that example of awful is Comcast, who appears to think that Mr. Potter from It's A Wondeful Life was a template for how to do things.

And, just so we're all clear here, they beat Monsanto, a company that is attempting to put a corporate and IP stranglehold on food. Food. You know, that thing you need every day in order to live. That means that if you sat the average voter down and asked them which was worse, a big company getting bigger so they can control how you get your television, or the same scenario but with the thing that lets you live, people will choose the former.

I'm not sure that makes a whole lot of sense, but I'll refrain from taking away any of Comcast's glory today. Congrats, you terrible congress-bribing megalith you!

from the no,-unsuspecting-user,-it-is-YOU-who-have-fucked-up dept

Fix your mistake or make it worse? That's the question facing so many, so often. Let's make it worse, shall we? I mean, that's the way it frequently seems to go. And, why not, let's use that infamous "shut the hell up" multi-tool Copyright as well, so that everyone's respect for the concept continues its irreversible decline.

The "soft launch" was actually a botched delivery. New Zealand users weren't simply getting a headstart on the rest of the world. No, Fox simply pushed the wrong button somewhere and accidentally put the app out there for public consumption. As Eli Hodapp points out, nothing untoward or illegal happened, but the response was completely indistinguishable from that sort of situation.

[K]eep in mind, Family Guy: The Quest for Stuff was fully available for download earlier today. No tricks were needed, nothing was stolen or otherwise pirated. Instead, people with New Zealand App Store accounts were just downloading the game like any of us download these games, direct from the App Store without any other associated drama.

But Fox thought that, despite its misstep, it should still have control of the situation. So, it first asked a user via Twitter to remove his gameplay video from YouTube until "launch day," while admitting the game was availabe due to an error on Fox's part.

This user returned to his YouTube account only to find that Fox had already issued a copyright claim against his video. So, rather than be allowed to comply, the user received a strike against his account. Then, Fox went even further and had his Twitch channel shut down. Completely. As of the time of this writing, his account is still closed, supposedly due to "terms of service violations."

Nice work, Fox. Now instead of people talking about the game, they'll be talking about how the entity holding the IP rights hammered potential fans in order to hold onto the game for another couple of days. And instead of giving one fan a chance to comply with its request, it decided to give him an undeserved YouTube strike and shut down his Twitch channel -- all because Fox failed to handle its own end of the app business. Ridiculous.

(But Fox can't shut everything down. Here's a rather amusing video of the Forbidden Game in action.)

from the w-is-an-appropriation-artist dept

You may have heard the recent stories about former President George W. Bush's new exhibit of paintings of world leaders. There's been plenty of chatter about the former President picking up painting as a hobby since leaving office. While many may have assumed that he used his experience in meeting with those world leaders in order to have an accurate representation of what they looked like, the truth is that he just pulled results from Google Image search result for each one. Literally. Some people have gone through and done Google Image searches on each of the subjects he painted, and discovered that the paintings were clearly all based on either the very first result, or very near the top search result.

Yes, that's right. George W. Bush is an appropriation artist.

Many of those images are from Wikipedia, where they're under Creative Commons licensing, but others are clearly covered by copyright. As Animal New York notes, the image of former French President Jacques Chirac comes from a photo of the cover of Chirac's book cover, where the copyright on the photo is actually held by the Associated Press.

The Animal New York article is probably correct that it's unlikely that the Associated Press will go after the former President for copyright infringement, but only because it's hypocritical. In the past, the Associated Press did, in fact, sue Shepard Fairey over his iconic image of President Obama, that was also based on an AP photo. Fairey (stupidly) did himself in by trying to destroy evidence and then lie about it, seriously harming his case, and distracting from the central question of whether or not his image was fair use. But, the AP has sued others over that image as well, so you never know.

While the chances are minimal, it certainly would be interesting to have a case in which, of all people, George W. Bush, becomes the poster child for fair use.

from the and-fuck-you-all-too dept

Yesterday, we wrote about just how terrible the Heartbleed bug in OpenSSL is. It's been generating plenty of discussion, with folks like Bruce Schneier calling it "catastrophic" and saying that "on the scale of 1 to 10, this is an 11." It's a pretty big deal. So you'd think that everyone would be scrambling to help plug the vulnerability as painlessly as possible. And most companies have been doing that. But one -- StartCom -- apparently sees this as an opportunity to rake in cash and to screw over those most vulnerable.

StartCom is a free SSL Cert authority, and on the company's website, it claims it offers this service for free "because we believe in the right to protect and secure information between two entities without discrimination of race, origin and financial capabilities." Except, that's not quite how things are playing out in reality. As is being actively discussed over at HackerNews and via the StartSSL Twitter fee, the company is trying to charge people to revoke the vulnerable certs. Update: And, yes, they're even charging those who are on their premium paid service tiers as well -- and often charging exorbitant rates.

While the company has generally charged for revoking certs, many people pointed out that with a vulnerability of this magnitude, that's both ridiculous and dangerous. However, the company doesn't seem to care.

It's upon the subscriber to take appropriate action since the
certificate authority can't enforce which software to use. The terms of service and related fees will not change due to that.

When it was pointed out to the company how serious a vulnerability issue the company started to get snotty with its own uses:

We do understand the situation very well, thanks.... This is not our fault as well. We do not see any reason to provide this
paid service for free. We have enough other free services already if you
didn't mentioned it.

People began challenging the company on Twitter, and it's taken that same snotty "we don't give a fuck" attitude to them as well:

Yes, this is part of StartCom's business model. Free certs, pay to revoke (Update: but that doesn't explain why they're doing this for paying customers too...). But this is clearly a case where that model should be suspended to keep the internet safe. The amount of ill-will this move is generating is pretty clear. Furthermore, it highlights what a bullshit claim it is that its goal is to better protect communications. If that were true, it would allow emergency revocations for an issue like Heartbleed.

from the where-are-those-29-competitors dept

Comcast is ratcheting up its charm offensive (or perhaps that's just offensive charm) in trying to get its attempted merger with Time Warner Cable approved. It's released its "public interest statement" and a blog post about how wonderful the merger will be. There are plenty of ridiculous claims in both, but let's focus on the key one -- Comcast's decision to completely fabricate "competitors" in various markets to argue that Comcast competes "in a dynamic, expanding and highly competitive marketplace." Of course, for anyone who actually knows what broadband options they have at home are, this statement is clearly bullshit. But Comcast is going to pretend otherwise, because it's Comcast. This chart really takes the cake:

You see that? People in New York City have a wealth of competition according to, well, pure bullshit. Those "29 competitors" involve finding any company in the tri-state area that sorta, kinda offers something that if you squint and sneeze, you might sorta, kinda think maybe could be qualified as broadband if you were the last person on earth and really, really needed a barely working connection to the internet.

In the past, we've reasonably mocked the FCC's website listing broadband competitors, BroadbandMap.gov, because the results it gives are hilariously wrong and/or misleading. But Comcast's competitive claims take this to a new level entirely. Even if we rely on the National Broadband Map, I challenge anyone to find any spot in New York City where someone has anywhere close to 29 choices for actual broadband. Just for fun, I put in an address in the heart of midtown Manhattan, and it coughed up a (laughably misleading) claim of seven competitors. Except three of them (AT&T, T-Mobile and Sprint) are just 3G/4G service over your phones with very low caps and limited speed. Those accounts are explicit that they're not to be used for regular home broadband. So they don't count. You have, of course, the traditional competitors: Time Warner Cable (who Comcast is trying to take over) and Verizon.

And who else? There's just Lightower Fiber Networks and Platinum Equity LLC. Platinum Equity is the private equity firm that bought out MegaPath, a DSL company that has been around (in various forms) for many years, but is only focused on business broadband. Ditto for Lightower Fiber, which only serves businesses. So, oh look, if you want true residential broadband, guess what: your choice is Time Warner Cable or Verizon. And, remember, Verizon is actively trying to get out of the wired broadband market, handing its users over to... their main cable competitors. So, it might not be left until your only real "choice" in the heart of midtown Manhattan is... Time Warner... I mean, Comcast.

from the no-constitutional-issue-at-all dept

During a recent House Judiciary Committee hearing concerning oversight, Rep. Zoe Lofgren decided to quiz Attorney General Eric Holder about the federal government's surveillance efforts, starting off with a rather simple question. She notes that the bulk phone record collection program is considered to be legal by its supporters, based on Section 215 of the Patriot Act, which allows for the collection of "business records." So, she wonders, is there any legal distinction between phone records and, say, internet searches or emails? In other words, does the DOJ believe that it would be perfectly legal for the US government to scoop up all your search records and emails without a warrant? Holder clearly does not want to answer the question, and first tries to answer a different question, concerning the bulk phone records program, and how the administration is supposedly committed to ending it. But eventually he's forced to admit that there's no legal distinction:

This is important. As you may recall, some of the attempts to deal with the phone record collection, including President Obama's, focus only on ending the specific phone record collection program, not the underlying law (or the interpretation of that law). This isn't to say that there are ongoing programs to do bulk warrantless collection of those other types of information, but it is worth recognizing that the government believes there would be no Constitutional issue if it decided to set up such a program.

All along, this has been the problem with Section 215. When it first was discussed, it was often called the "library" provision, as the example that people talked about was using Section 215 to collect the records of what books someone checked out of the library. However, as the phone collection program showed, it's been turned into something much, much broader. Fixing this interpretation is going to take a lot more than just ending one program. It requires changing what is allowed by Section 215.

from the first-sale-is-important dept

Why can't movie-streaming sites deliver the selection of movies that customers obviously want? This was the question posed by a recent New York Times column, comparing undersupplied services like Netflix with unauthorized platforms like Popcorn Time. The answer, the Times explains, is windowing—the industry practice of selling exclusivity periods to certain markets and platforms, with the result of staggered launches.

But the Times fails to ask a more fundamental question: why do streaming sites have to listen to Hollywood's windowing demands in the first place? After all, while it's clear why the studios like windowing—they can sell the same rights over and over once the promised exclusivity periods expire—it doesn't seem like a very good deal for users. Those users get access to a smaller selection, higher prices, and fewer choices between platforms and services. It should be astonishing that a company that once had to maintain and transport a staggering inventory of fragile plastic discs is able to offer less when its marginal cost dropped to near zero.

The problem is that, unlike earlier movie-rental options, streaming rights fall fundamentally within a permission culture. Netflix is a great illustration of what's gone wrong here. It's gone from having a nearly unrivaled catalog of films available to rent to being the butt of Onion jokes. What happened: It shifted from a system where nobody had a veto power over its operations, to one where it had to get permission and make deals with Hollywood. Sometimes it's difficult to find the concrete costs of living in a permission culture, but the decline of Netflix's selection is an important cautionary tale.

It's especially clear when you look at how Netflix upended the movie rental market in the first place. In one way, it suffered from a major competitive disadvantage: competitors like Blockbuster had locations near people's houses. As long as those stores had the movie you wanted, you could be watching within hours—not days—of deciding on a title.

But Netflix was able to experiment with different price points and subscription models and, crucially, it could try those without first convincing any incumbents. Both Blockbuster and Netflix's DVD-by-mail service relied on the first sale doctrine, meaning they can buy physical copies of movies, and then resell or rent at any price they like. No royalties, no licenses, no contracts—with physical media, once a rental company has bought the copy, the copyright holder is basically out of the picture.

You can see how this is great for users. Companies can experiment to find the things that people like best, and have the power to make decisions based on their users' needs and wants. Movie studios still got paid—these rental companies were buying lots and lots of copies, after all—but couldn't exert control over the rental businesses, which could then compete on their merits.

Rightsholders hate not having this control. So the first sale doctrine gets attacked over and over. From Nintendo's suing Blockbuster in the 80s to Universal's "revenue sharing agreement" with Redbox, and through to more recent cases like Kirtsaeng v. Wiley in the Supreme Court, rightsholders have tried to restrict the first sale doctrine in physical media. And when it comes to digital media, consumers have even more of an uphill battle.

When the ranking member of the House Subcommittee on intellectual property is calling the principle of "you bought it, you own it" an extreme view, there's something seriously wrong here. Furthermore, the Netflix example shows that the problem isn't confined to the books, movies, records, and games that we own; it limits the kinds of services that can ever be created.

With a commercial product like Netflix, we can feel those costs today. But more troubling are the costs we will feel tomorrow, in a decade or a century from now, if we make a transition to digital media without keeping the first sale doctrine intact. Copyright has already cost us crucial elements of our cinematic and literary history. Those costs will compound if librarians, archivists, and enthusiasts aren't allowed to care for their own copies.

As Matt Schruers over at the DisCo Project notes, studio practices have ensured that no option so far can be convenient, comprehensive, and lawful. Netflix Instant is a great service for what it is able to offer, but in a permission culture it is broken from the start.

from the collateral-damage dept

Earlier this week, we wrote about the MPAA's announced plans to sue Megaupload in a civil lawsuit to pile on to the criminal charges the company is already facing. As we noted, there's no legitimate reason for such a lawsuit, given the criminal lawsuit already underway, other than as a way to try to get a favorable court ruling it can use against others. Having now read the full complaint against Megaupload, it's quite clear that this is exactly what the MPAA is doing. The lawsuit is incredibly dangerous for the internet, even if you think that Megaupload itself was a bad actor. Even the LA Times -- Hollywood's hometown paper -- has called out the lawsuit for how it may have negative consequences felt broadly across the internet.

That's because the lawsuit makes a whole bunch of claims about Megaupload that are perfectly reasonable activities for tons of user-generated content and/or cloud computing companies. But, because Hollywood has spent years demonizing Kim Dotcom as a movie-style villain a la "Dr. Evil", it seems to be hoping that the courts won't notice that it's basically making up what they want copyright law to be, rather than what it is.

First, it describes the fact that when you upload a file to Megaupload, the service would then give you a link that you could share. The MPAA paints this as if it's some nefarious scheme to encourage infringement. But it's actually how pretty much any cloud or user-generated content site works.

When the upload was completed, Megaupload
reproduced the file on at least one computer server it controlled and provided the user with a
Uniform Resource Locator ("URL") "link" beginning with "megaupload.com." The uploader
could then propagate the link broadly over the Internet, so that anyone interested in downloading
or otherwise accessing a copy of the file could easily find it on Megaupload's servers.

But, of course, Dropbox or YouTube do the same exact thing. Then, they call out the fact that Megaupload did not provide its own search engine, as if that's something nefarious:

To conceal the scope of infringennent occurring on the Megaupload website,
defendants did not provide users with a searchable index of files available for download from the
Megaupload website (although defendants themselves had access to such an index). Instead,
defendants relied on numerous third party "linking" sites to host, organize, and promote URL
links to Megaupload-hosted infringing content, including plaintiffs' copyrighted works.

Except, cloud storage companies from Dropbox to Box to Google Drive don't supply a searchable index of files available on their services either. And that's for a very good reason. Because they're not promoting their services as a place to go to search for infringing works. In fact, you just have to go back to the RIAA's lawsuit against Napster, to see where the exact opposite claim was made. In that case, the court found that Napster was, in part, liable because it had a search feature:

Napster is not an Internet service provider that acts as a mere conduit for the transfer of files.... Rather, it offers search and directory functions specifically designed to allow users to locate music, the majority of which is copyrighted.

Yet, now, the MPAA seems to be arguing that not having a search engine means you're trying to hide copyright infringement. Damned if you do, damned if you don't -- just how the RIAA and MPAA like it. If you have a search engine, you're enabling infringement, if you don't have a search engine, you're "concealing" infringement.

The MPAA also tries to paint other perfectly reasonable business model choices as nefarious. Offering premium paid-for services for faster downloads, or access to larger files, is painted as some evil plan to profit off of infringement. But it also makes perfect business sense for a company like Megaupload seeking to cover its bandwidth bills. Similarly, the famed "financial incentives for premium users" is treated as if this is actually paying people to post infringing works. But that makes little sense. It's actually an incentive to get people to post good content. It's the same reason that YouTube today pays top YouTubers who bring in lots of visitors. Is the MPAA really arguing that such an incentive program is illegal?

To ensure a vast and ever-growing supply of popular copyrighted content to
which they could sell premium access, defendants paid users to upload popular content to
Megaupload's servers. Defendants' Uploader Rewards program promised premium subscribers
cash and other financial incentives if they uploaded popular works, primarily copyrighted works,
to Megaupload's servers. The rewards program also encouraged users to publicly promote links
to that content, so that the content would be widely downloaded.

Except, nothing in this program appeared to be about encouraging people to post infringing works. In fact, it would seem like a pretty stupid program for encouraging infringement, as Megaupload would likely be able to bring in a lot more attention and revenue for authorized legitimate content. Such a program, in actuality, appears to be the perfect way for artists to go direct to their fans, offering them ways to get the content for free, while still earning money. In fact, that's why artists like Busta Rhymes spoke out in favor of Megaupload after it was shut down. He pointed out that he could make a lot more money releasing his own music directly via Megaupload, than in going the old record label system.

Furthermore, since this lawsuit is from the movie studios, they list out a number of specific movies that they claim were on the site. However, Megaupload says that the uploader rewards program only applied to files smaller than 100MB, meaning it likely didn't apply to any films that were uploaded. Assuming that's accurate, the studios are going to have quite a difficult time proving that the rewards program induced infringement of movies.

On top of that, even if the program was used by some to make money from sharing infringing works, the program itself is clearly content neutral, and not about encouraging sharing of infringing works. For the MPAA to allege otherwise threatens all kinds of incentive programs on pretty much any user-generated content site.

Next, the MPAA complains that when they sent takedowns to Megaupload, it only removed the specific URL they sent, and not all copies of the content. But, uh, that's all that the law requires. As the court in the YouTube/Viacom case ruled, under the DMCA, the service provider needs to be made aware of specific locations where infringing content is. They can't just be given a single URL and told to "block all copies of that." Nor would such a request be reasonable either, as infringement depends on context, not content. In the YouTube/Viacom case, Viacom initially sued over files that its own employees had uploaded, meaning they were licensed -- yet it argued those were infringing. You run into the same problem here in that the MPAA is arguing that if you know that a particular file is infringing, all similar content must be removed. But the law does not say that. Though, clearly, the MPAA is seeking to change the interpretation of the law.

Next, the MPAA argues that because Megaupload could have used filtering tools to prevent new uploads of works previously claimed as infringing, and did not do so, that proves it's liable. However, that's completely bogus. Many, many, many copyright cases have all said over and over again that nothing in the DMCA creates a duty for service to proactively filter new uploads. In fact, the industry itself admits that this is true, because they're currently asking Congress to change the law to make this a new legal requirement. Yet, in the Megaupload complaint, they pretend it is already the law:

Megaupload could also have implemented various readily available and effective
technological solutions (including, without limitation, automated filtering using digital
fingerprinting-based content-identification technology) to identify and prevent infringement of
copyrighted content.
Megaupload chose not to do so.

But there is no legal reason why it had to do so. In fact, considering that others have spent tens to hundreds of millions of dollars on such systems, there are perfectly good business reasons not to have spent such money. Here, the MPAA is using this lawsuit to try to get a court to suggest there's a legal duty to filter. This would have a huge negative impact on startups who couldn't afford the tens of millions of dollars entry fee.

You can argue that Megaupload was widely used for infringement. You can even argue that Megaupload management were awful people who didn't care that much about copyright. But if you read this lawsuit objectively, you have to admit that it is a straight up attack on the basic principles of cloud computing and user-generated content, while seeking to change settled law and reinterpret the DMCA in a way the MPAA fantasizes it should be, rather than the way the law is today. That's incredible dangerous.

It's no surprise that they're doing this against Megaupload, a company based halfway around the globe, with all its assets seized, and which is fighting a massive criminal complaint at the same time. That will, obviously, lead to limited resources to fight this civil suit, making it easier for the MPAA to sneak through dangerous changes to the law, via potential court rulings. These are changes that it's been unable to get written into the law for the past few years, so now it's using the courts to try to do its dirty work.

No matter what you think of Megaupload, this is a very dangerous lawsuit.

It turns out that both headlines are accurate, though it's the second one that's the bigger issue here. You can see the details laid out (quite clearly) by Singapore's Ministry of Law. It notes that they currently have a DMCA-like notice-and-takedown setup, but have apparently decided that this is somehow too burdensome for rightsholders who have pushed the government to come up with an alternative plan (gee, this sounds familiar...). They don't seem to explain why this is so burdensome, they just say that there's too much "uncertainty" in having to actually "establish the liability for infringement." So, rather than do that, it appears that the Singaporean government is willing to chuck basic due process, and go for flat-out censorship without due process.

Under the proposed legislative changes, rights holders will also be allowed to apply directly to the Courts for injunctions to prevent access to pirate sites without having to first establish ISPs’ liability for copyright infringement. This judicial process is more efficient and avoids implicating the ISPs unnecessarily.

So, just as in SOPA, the idea is that rightsholders can suddenly declare that certain sites are "rogue" and courts can agree to wipe them off the face of the internet, by ordering ISPs to block access to them. The Singaporean government insists this won't be a problem for legitimate sites, because it seems to have bought into the Hollywood fallacy that what is a "legitimate" site and what is a "pirate" site are somehow obvious, rather than a spectrum in which nearly everything is some form of gray.

This is targeted at websites that show a blatant disregard for, and that clearly infringe, copyrights. Legitimate search engines and content sharing sites such as Google and YouTube will not be affected.

Notice how they just blithely insist that YouTube is legitimate. That may well be news to YouTube's lawyers, who just concluded (via settlement) a seven-year battle in which Viacom literally insisted that YouTube was the equivalent of a video Grokster (the file sharing service that lost its court case for enabling infringement). And that's where the real problem is. It's easy to claim that it's obvious when a site is legitimate and when it's not, but reality doesn't work that way. For years, many people were pretty sure that Napster was perfectly legitimate under the rules of the Sony Betamax ruling, but then a court decided otherwise. Similarly, many assumed that YouTube was illegal, until that case settled. Hell, even the VCR was a "pirate tool" until the Supreme Court ended that argument thirty years ago.

And, of course pretty much all of modern entertainment history is filled with similar examples of new innovations in the delivery and consumption of content that are at first deemed illegal, until suddenly they're not. The player piano, the phonograph machine, radio, television, cable television, the photocopier, the DVR, the VCR, the mp3 player, and many other innovations were first decried as "pirate" technologies. And then they weren't. But with the Singaporean government insisting that it's somehow obvious which ones are legitimate and which ones are not, Singapore is almost guaranteeing that important legitimate innovations that help move the industry forward will, instead, get censored and blocked across the entire country.

That's no way to present yourself as an innovative country.

So, yes, later in the document, they reject three strikes (and administrative, rather than judicial, blocking) as too draconian and intrusive:

Countries like Spain and Malaysia have implemented an administrative site-blocking approach where rights holders can apply for site-blocking orders from a Government-appointed body. Countries like France have introduced a “graduated response” system where individual internet users are notified of their infringing activity by the ISP, and can be penalised if they continue their infringing activity despite repeated notifications (or “warnings”).

We considered the alternatives above but assessed that they may not be suitable in Singapore’s context as they are too intrusive on internet users.

But, in many ways, the alternative "solution" that Singapore appears to be supporting is worse than three strikes. It's outright censorship against innovation, based on a faulty belief that it will be immediately obvious whether or not new innovations and technologies are "legitimate" or "pirates."

from the beat-it dept

I imagine in some room somewhere, a whole bunch of people in well-tailored suits came up with the idea of DMCA takedowns and thought it'd be just peaches. The practical application of that policy, however, has been something of a performance art piece on how intellectual property is a canard better left on the cutting room floor. YouTube in particular exemplifies this, what with their attempts to comply with rightsholders juxtaposed to a service model that just begs for case studies in inadvertent violations and strong arm attempts by confused non-rightsholders.

ANYWAY, I went through all of the trouble of uploading and editing both of these boring-ass videos to a popular Internet video hosting website, only to have the aforementioned website totally mute the Brooklyn Bridge video because there's a Michael Jackson impersonator at the foot of the bridge and he's performing to the song "Beat It," which you can hear in the background.

So, someone crossing a bridge has a video of the experience that includes the decades-old song of a deceased performer being reenacted by a street performer... and down the video goes. I imagine the originators of copyright are rolling over in their graves at this point, never imagining that automated systems would trip the flag on this kind of takedown. Even imagining for a moment that this wouldn't or shouldn't be considered fair use, can someone explain to me what the point of all this is?

I'm pretty sure incidental capture of a portion of a song being played by a street performer falls under "fair use," and I've disputed it because I have nothing better to do with my life, but in the meantime I'm inspired by the knowledge that our publicly-traded companies go to such great lengths to protect the copyrights of great Americans like Michael Jackson.

The reality of course is that the rights to the song are held by a third party label and this was just the automated system accidentally capturing a video that the label probably wouldn't even bother taking down itself and blah, blah, blah. All I know is this is really stupid and a hindrance to the simple sharing culture that humanity has always enjoyed. Thanks copyright.

from the 'with-a-computer'-doesn't-really-specify-a-search-method dept

[T]he government continues to submit overly broad warrants and makes no effort to balance the law enforcement interests against the obvious expectation of privacy e-mail account holders have in their communications.

So far, so good, as far as upholding the Fourth Amendment goes. Then later in the month, Facciola appeared to switch sides, rejecting a warrant application for a cell phone search because, as he saw it, there was no need for the police to obtain one. This determination was based on the warrant application's description of the phone as being "abandoned" by the suspect, when in all reality, it may have just been dropped inadvertently. This strange order put the police in the strange position of being forbidden to obtain a warrant, something that could potentially jeopardize the prosecution's case if another judge later determines a warrant was, in fact, needed before performing the search of the phone.

Although Attachment B provides a sufficiently particularized list of the data that the government will search for and seize, the Forensic Analysis section fails to provide this Court with the same level of detail as to the methodologies to be used to conduct the search. Specifically, the government fails to articulate how it will limit the possibility that data outside the scope of the warrant will be searched. For the reasons stated below, the government’s Application for a search and seizure warrant will, therefore, be denied.

Specifically, Facciola finds this warrant approved from others he has blocked in the past, but the government still seems hesitant to explain exactly how it plans to limit its search to just pertinent data and documents.

The Court also requires a search protocol for a separate Fourth Amendment reason—to particularly describe the place to be searched. In a broad manner, describing the iPhone and its specific IMEI number certainly describes the “place to be searched” in a particular manner. But an electronic search is not that simple. An iPhone 4 has either 16 GB or 32 GB of flash memory, 10 which could allow storage of up to around two million text documents. Obviously no one—especially not a college student—would fill an iPhone with text documents, but it is inconceivable that the government would go file by file to determine whether each one is within the scope of the warrant. Instead, as the government has explained in extremely general terms, it will use some sort of “computer-assisted scans” to determine where to look because those scans will determine which parts will be exposed “to human inspection in order to determine whether it is evidence described by the warrant.”

Facciola notes that the fact that so much can be stored similarly increases the chance of abuse. All he's asking for is for the government to be more specific in its description of how it will minimize accessing data not related to the case at hand, and all the government has provided so far is vagaries like "computer-assisted scan" and "keyword searches."

It tells the Court nothing about what will actually happen and does not provide a means of searching so that this Court is assured that it is the type of particularized search that the Fourth Amendment demands. What the government has submitted is no better than the vague explanation in In re Search of Odys Loox that it will “image each device, search them, and keep all files.”

If Facciola sounds irritable, it's probably because this is the third time he's sent the government back to work on this particular warrant request. And this is the third time he's had to make this statement, one which still seems to elude the agency making the request.

Until the government actually explains how the search will proceed, and thus how the government intends to limit its search of data outside the scope of the warrant, this warrant cannot be issued.

So, it appears Facciola's fighting for citizens' Fourth Amendment rights against a government that seems unwilling or unable to narrow the scope of its electronic searches. Of course, this protection seemingly only extends to citizens whose phones have been properly seized as evidence, rather than dropped/abandoned and claimed by pursuing law enforcement agents. If it's the latter, Facciola appears to believe it's an imposition on law enforcement to demand a warrant. Still, two out of three (in just this month alone) is a pretty good batting average for Americans' rights, something that tends to be subverted very easily by expansive judicial readings of the Third Party Doctrine.

from the government-as-parent:-because-I-said-so dept

We've seen our share of redacted pages here at Techdirt, covering everything from NSA rules violations to GPS tracking to transcripts of court proceedings. Redaction is a way of life for the government, making a mockery of both the Freedom of Information Act AND this administration's claim that the White House is the most transparent place on earth.

inter-agency or intra-agency memorandums or letters which would not be available by law to a party other than an agency in litigation with the agency

In reality, it covers all of the following, according to Unredacted's research.

The Department of Justice’s use of b(5) to censor dozens of pages of a candid history of Nazi-hunting (and Nazi-protecting) by the U.S. government to such a self-defeating extent that former officials leaked the entire document to the New York Times, instead of fulfilling a Freedom of Information request.

The CIA, supported by the Department of Justice, is currently using the b(5) exemption to keep secret its history of the 1961 Bay of Pigs Invasion, arguing that it’s release “could confuse the public.”

Muckrock’s Shawn Muscrave has reported that The Federal Elections Commission attempted to argue that it’s own guidance on when to apply b(5) is itself exempt from release under b(5) –even though it had already been posted on the FEC’s website.

This is the next FOIA battleground, according to Unredacted. The expansive reading of this exemption has lead to the government adopting this as the go-to redaction, applied haphazardly to withhold information from the public. The b is for "broad," or as Redacted puts it, "withhold it because you want to."

The blog points to one of the most ridiculous redactions in a sea of misuse -- the withholding of a State Department employee's hand-scrawled "commentary" on a proposed bill to designate Pakistan as a state sponsor of terrorism.

Sure enough, b(5) was cited when redacting the opinion ("What a bunch of crap!"), meaning that this penned commentary somehow was an inter/intra-agency "memorandum or letter" not meant for the public's eye. The fact that it was neither and was written on a copy of a publicly available piece of legislation didn't stop the agency from redacting it. Two years later, it was finally forced by the court to uncover the rogue commentary.

"Because you feel like it" sums it up completely. Someone hoped to head off a microscopic bit of embarrassment by abusing the FOIA exemptions and somehow we're expected to believe other b(5) redactions are done with a sense of purpose and restraint.